Perform a sql injection attack in the search for users box

Assignment Help Database Management System

Reference no: EM132135940

SQL injection on a search

The way Search performs its task is by executing the following query (in a php script):

$var=stripslashes($_POST['search']);
$query = "SELECT username from lab1_login where username ='".$var."'";

The structure of the database table that is maintained by the webservice and on which this query runs is as follows:

mysql> desc lab1_login;

Field	Type	Null	Key	Default	Extra
uid	int(11)	NO	PRI		auto_increment
username	varchar(255)	YES
password	varchar(255)	YES

Your task is to now perform a SQL Injection attack in the "Search for users" box such that it prints out all the usernames and passwords.

Reference no: EM132135940

Questions Cloud

What can you do to identify duplicated data : What can you do to identify duplicated when the patient is being registered and after?

What is the probability that the student answers : If the student randomly guesses on each questions, what is the probability that the student answers fewer than 4 questions correctly?

Produce a report with descriptive report and column headings : Produce a report with descriptive report and column headings. Be sure there is enough data to prove the selection and sort worked as required.

What is the probability that the student answers : If the student randomly guesses on each question , what is the probability that the student answers 3 questions correctly?

Perform a sql injection attack in the search for users box : Your task is to now perform a SQL Injection attack in the "Search for users" box such that it prints out all the usernames and passwords.

What is the set of possible values of variable x : A coin is flipped five times in an experiment. If x is the number of heads that turn out in the experiment, what is the set of possible values of variable x?

What is the df value for the t statistic for study : An independent-measures study has one sample with n = 10 and a second sample with n = 15 to compare two experimental treatments

Dogs weight and how long the dog lived : The following is data a veterinarian collected from some of her clients. it is a rough estimate % of dogs weight and how long the dog lived

Write a pl-sql stored function that takes username : Write a PL/SQL stored function that takes username as input and returns number of documents that user has permissions to view.

User Account

All Pages